SSH key pairs allow an additional level of security that can be used in conjunction with the SFTP protocol.
Key pairs are typically created by the client, and then the resulting public key is used by Core FTP Server.
The term SFTP can also refer to Secure file transfer program, a command-line program that implements the client part of this protocol. As an example, the sftp program supplied with OpenSSH implements this. Some implementations of the scp program support both the SFTP and SCP protocols to perform file transfers, depending on what the server.
The SSH File Transfer Protocol (SFTP), also known as the Secure File Transfer Protocol, enables secure file transfer capabilities between networked hosts. Unlike the Secure Copy Protocol (SCP), SFTP additionally provides remote file system management functionality, allowing applications to resume interrupted file transfers, list the contents of.
SSH.NET is an open source library codeplex for SSH and SFTP features. I was able to pull the latest code and get a working client in about 15 minutes. The library is great and the code rather straightforward. By creating my own ConnectionInfo instance with two authentication methods I was able to connect with a password and a key file.
Core FTP products use the OpenSSH SSH2 format, which can be generated using Core FTP software or via the ssh-keygen utility.
Core FTP client -- creating a key pair
Step 1: Advanced site settings -> ssh
Step 2: Entering key information
Step 3: Selecting private key into client site profile
Additionally, if no account password is being used for the server, check the Advanced -> General -> 'Don't prompt for password when empty' option.
ssh-keygen usage: (Unix/Linux)
rsa keys: ssh-keygen -t rsa
dsa keys: ssh-keygen -t dsa
For Unix/Linux, dsa keys may be the preferred method due to better compatibility across operating systems.
PuTTY users using psftp need to export OpenSSH public keys using PuTTYgen.
Entering public key into Core FTP Server
Once you have created a key pair, the public key file is then placed in a directory on the server that cannot be accessed by the client account.
Select the public key file in the Core FTP Server's user 'security properties', in the 'ssh pub cert' field.
The server will need the 'Allow key authentication' option checked in the domain setup.
For SSH key pairs and no account password, the 'Key authentication only' option should be checked. Users not using key pairs can bypass the public key requirement by selecting the 'User does not require key authentication' option in the user's 'security' settings.
An SSH key pair can be created on the server side from the above screen, but it is not recommended due to the security issues involved in sending the private key and its password to the client. A public key being passed from a client to the server (administrator) is a much better option from a security standpoint.
Example of a public key (file contents):
AAAAB3NzaC1yc2EAAAABIwAAAIEA153PICRN2+viqQ2570jEfUPcWgknD079wX/QtdF0lIbMaOYeMba9jf/qqmfuWYSybNmpSxMZiyjbKDvH+iZ/iT0MwrK9x19Zkjb8nXugWtOOJSwiHc48DSwMkLDdbVdG/BvstHbBquBdQNkJz+VDxFO+P3TcfYbIsvx+YFxnbLU=
or
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA153PICRN2+viqQ2570jEfUPcWgknD079wX/QtdF0lIbMaOYeMba9jf/qqmfuWYSybNmpSxMZiyjbKDvH+iZ/iT0MwrK9x19Zkjb8nXugWtOOJSwiHc48DSwMkLDdbVdG/BvstHbBquBdQNkJz+VDxFO+P3TcfYbIsvx+YFxnbLU=
The '=' character should be the last character in the public key. Multiple keys can be in one file, one per line. Characters at the beginning of a line that identify the key type (rsa or dsa) are acceptable and are read by Core FTP Server.
Keys should be in multibyte format.
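An added example, not part of Core FTP's documentation or software: a Python check an administrator could run on a public key file received from a client before selecting it in the 'ssh pub cert' field. It accepts both line forms shown above, rejects truncated or mislabelled keys, and returns the key size and the SHA256 fingerprint to compare with the client's `ssh-keygen -lf` output. The function names and the 2048-bit RSA threshold are assumptions of this example.

```python
import base64
import hashlib

MIN_RSA_BITS = 2048  # assumed local policy threshold, not a Core FTP setting
# The example public key from this page (it decodes to a 1024-bit RSA key).
PAGE_KEY = "AAAAB3NzaC1yc2EAAAABIwAAAIEA153PICRN2+viqQ2570jEfUPcWgknD079wX/QtdF0lIbMaOYeMba9jf/qqmfuWYSybNmpSxMZiyjbKDvH+iZ/iT0MwrK9x19Zkjb8nXugWtOOJSwiHc48DSwMkLDdbVdG/BvstHbBquBdQNkJz+VDxFO+P3TcfYbIsvx+YFxnbLU="

def _fields(blob):
    """Split an SSH2 key blob into its length-prefixed fields (RFC 4253)."""
    out, off = [], 0
    while off < len(blob) or not out:  # "or not out": an empty blob fails too
        end = off + 4 + int.from_bytes(blob[off:off + 4], "big")
        if end > len(blob):
            raise ValueError("field runs past end of key (truncated paste?)")
        out.append(blob[off + 4:end])
        off = end
    return out

def inspect_key_line(line):
    """Return (key_type, bits, fingerprint) for one line of a public key file."""
    parts = line.split()
    # Base64 never contains '-', so a first token with one is a key-type prefix.
    declared = parts[0] if parts and "-" in parts[0] else None
    if not parts or (declared and len(parts) < 2):
        raise ValueError("no key data on line")
    blob = base64.b64decode(parts[1] if declared else parts[0], validate=True)
    fields = _fields(blob)
    key_type = fields[0].decode("ascii", "replace")
    if declared and declared != key_type:
        raise ValueError(f"prefix {declared} but key blob says {key_type}")
    size_at = {"ssh-rsa": 2, "ssh-dss": 1}.get(key_type)  # RSA modulus n, DSA prime p
    has_size = size_at is not None and len(fields) > size_at
    bits = int.from_bytes(fields[size_at], "big").bit_length() if has_size else None
    digest = hashlib.sha256(blob).digest()  # same input ssh-keygen -l hashes
    return key_type, bits, "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def check_key_file(text):
    """Check each non-blank line; return (line_no, verdict, detail) tuples."""
    report = []
    for no, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        try:
            key_type, bits, fp = inspect_key_line(line)
        except ValueError as exc:  # also covers binascii.Error from bad base64
            report.append((no, "reject", str(exc)))
            continue
        weak = key_type == "ssh-rsa" and (bits or 0) < MIN_RSA_BITS
        report.append((no, "weak" if weak else "ok", f"{key_type} {bits} bits {fp}"))
    return report
```

Calling `check_key_file(open(path).read())` on the received file gives one verdict per key line; the page's own sample key is reported as `weak` because its RSA modulus is 1024 bits.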
Core FTP software utilizes SSH2 and greater versions of SSH; SSH1 is not supported.
Core FTP Server Build 405 and greater supports RFC 4716 SSH formatted keys